- 05 1月, 2012 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: steve Update maximum message size for certifiate verify messages to support 4096 bit RSA keys again as TLS v1.2 messages is two bytes longer.
-
由 Dr. Stephen Henson 提交于
-
- 04 1月, 2012 3 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed by: steve Fix memory leaks.
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
- 01 1月, 2012 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Support for TLS/DTLS heartbeats.
-
- 27 12月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr> Reviewed by: steve - remove some unncessary SSL_err and permit an srp user callback to allow a worker to obtain a user verifier. - cleanup and comments in s_server and demonstration for asynchronous srp user lookup
-
- 25 11月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr> Reviewed by: steve Make SRP conformant to rfc 5054. Changes are: - removal of the addition state after client hello - removal of all pre-rfc srp alert ids - sending a fatal alert when there is no srp extension but when the server wants SRP - removal of unnecessary code in the client.
-
- 05 9月, 2011 2 次提交
-
-
由 Bodo Möller 提交于
-
由 Bodo Möller 提交于
Submitted by: Adam Langley
-
- 14 6月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 04 6月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 25 5月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 20 5月, 2011 3 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com> Reviewed by: steve OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code elimination.
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
- 09 5月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
algorithms extension (including everything we support). Swicth to new signature format where needed and relax ECC restrictions. Not TLS v1.2 client certifcate support yet but client will handle case where a certificate is requested and we don't have one.
-
- 06 5月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
signature algorithms extension and correct signature format for server key exchange. All ciphersuites should now work on the server but no client support and no client certificate support yet.
-
- 17 3月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 13 3月, 2011 1 次提交
-
-
由 Ben Laurie 提交于
-
- 17 2月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
is picked up.
-
- 03 2月, 2011 1 次提交
-
-
由 Bodo Möller 提交于
-
- 14 11月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
correct: this isn't always true if we have more than one certificate.
-
- 06 9月, 2010 2 次提交
-
-
由 Ben Laurie 提交于
-
由 Ben Laurie 提交于
-
- 26 8月, 2010 2 次提交
-
-
由 Bodo Möller 提交于
SSL_[CTX_]set_not_resumable_session_callback. Submitted by: Emilia Kasper (Google) [A part of this change affecting ssl/s3_lib.c was accidentally commited separately, together with a compilation fix for that file; see s3_lib.c CVS revision 1.133 (http://cvs.openssl.org/chngview?cn=19855).]
-
由 Dr. Stephen Henson 提交于
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de> Support for abbreviated handshakes when renegotiating.
-
- 28 7月, 2010 1 次提交
-
-
由 Ben Laurie 提交于
-
- 28 2月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
1.0.0. Original fix was on 2007-Mar-09 and had the log message: "Fix kerberos ciphersuite bugs introduced with PR:1336."
-
- 27 1月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: steve@openssl.org More robust fix and workaround for PR#1949. Don't try to work out if there is any write pending data as this can be unreliable: always flush.
-
- 24 1月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
ctrl is incorrectly implemented (e.g. some versions of Apache). As a workaround call both BIO_CTRL_INFO and BIO_CTRL_WPENDING if it returns zero. This should both address the original bug and retain compatibility with the old behaviour.
-
- 23 1月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
server attempts to renegotiate with an unpatched client.
-
- 01 1月, 2010 1 次提交
-
-
由 Dr. Stephen Henson 提交于
algorithm matches current and give error if compression is disabled and server requests it (shouldn't happen unless server is broken).
-
- 31 12月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
used compression algorithms in client hello (a legacy from when the compression algorithm wasn't serialized with SSL_SESSION).
-
- 08 12月, 2009 2 次提交
-
-
由 Dr. Stephen Henson 提交于
work in SSLv3: initial handshake has no extensions but includes MCSV, if server indicates RI support then renegotiation handshakes include RI. NB: current MCSV value is bogus for testing only, will be updated when we have an official value. Change mismatch alerts to handshake_failure as required by spec. Also have some debugging fprintfs so we can clearly see what is going on if OPENSSL_RI_DEBUG is set.
-
由 Dr. Stephen Henson 提交于
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Add extension support to DTLS code mainly using existing implementation for TLS.
-
- 02 12月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org Add Renegotiation extension to DTLS, fix DTLS ClientHello processing bug.
-
- 08 11月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 02 11月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org DTLS Fragment size bug fix.
-
- 30 10月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-